From 20c6984926436902ed5568e383f63320586dd649 Mon Sep 17 00:00:00 2001
From: Ryan Kelly <rfkelly@mozilla.com>
Date: Fri, 8 May 2020 11:00:58 +1000
Subject: [PATCH] Make the data-deletion script work for accounts with TOTP
 enabled.

---
 bin/delete_user_data.py | 16 ++++++++++------
 1 file changed, 10 insertions(+), 6 deletions(-)

diff --git a/bin/delete_user_data.py b/bin/delete_user_data.py
index 915d812..a4bdbd7 100644
--- a/bin/delete_user_data.py
+++ b/bin/delete_user_data.py
@@ -53,12 +53,16 @@ def main(argv):
         # TODO: this won't work if the user has enabled two-step auth.
         status = s.get_email_status()
         if not status["sessionVerified"]:
-            code = raw_input("Enter verification link or code: ")
-            if "?" in code:
-                # They copy-pasted the full URL.
-                code_url = urlparse.urlparse(code)
-                code = urlparse.parse_qs(code_url.query)["code"][0]
-            s.verify_email_code(code)
+            if s.verificationMethod == "totp-2fa":
+                code = raw_input("Enter TOTP code: ")
+                s.totp_verify(code)
+            else:
+                code = raw_input("Enter verification link or code received via email: ")
+                if "?" in code:
+                    # They copy-pasted the full URL.
+                    code_url = urlparse.urlparse(code)
+                    code = urlparse.parse_qs(code_url.query)["code"][0]
+                s.verify_email_code(code)
 
         # Prepare authentication details for tokenserver.
         (_, kB) = s.fetch_keys()